By now, you’ve probably heard all about the bizarre photo-editing app Meitu – but if you haven’t downloaded it yet, you might want to think twice before doing so.

Security experts are warning that the free app comes with a hefty trade-off, granting Meitu permission to harvest your personal data and spy on users, with Android users hit hardest.

Far beyond requiring permission to use just the camera and camera roll, the app can access your location, local IP, unique device identifier numbers (IMSIs), WiFi connection, and even information on phone calls or other apps you’re running.

And, users have pointed out that it’s sending the details to several external IP addresses.

Far beyond requiring permission to use just the camera and camera roll, the app can access your location, local IP, unique device identifier numbers (IMSIs), WiFi connection, and even information on phone calls or other apps you’re running

According to Meitu, this data is only being collected for identity protection, service upgrades, criminal investigations, and customer feedback, TechCrunch reports.

But, experts say the expansive set of permissions is unnecessary, and could be put to other uses than those described – like selling it to marketers, or repurposing it for profit.

While Apple blocks apps from collecting users’ IMSIs, the Android version does not, and this could potentially be used to track users’ internet activity.

Many have argued that the Android version is far more invasive, but even with certain precautions in place to protect Apple users, the iOS app can still obtain ‘partially sensitive’ information, TechCrunch reports.

This includes details on your mobile carrier, and whether or not your iPhone is jailbroken.

Share this article

Experts say the expansive set of permissions is unnecessary, and could be put to other uses than those described – like selling it to marketers, or repurposing it for profit

WHAT MEITU CAN ACCESS ON ANDROID

The full list of permissions shown on the Google Play store (for Android):

Device & app history

· Retrieve running apps

Location

· Approximate location (network based)

Phone

· Read phone status and identity

Photos/Media/Files

· Read the contents of your USB storage

· Modify or delete the contents of your USB storage

Camera

· Take pictures and videos

WiFi connection information

· View Wifi connections

Device ID & call information

· Read phone status and identity

Other

· Receive data from Internet

· View network connections

· Change system display settings

· Full network access

· Change your audio settings

· Run at startup

· Reorder running apps

· Control vibration

· Prevent device from sleeping

· Google Play license check

On Google Play, the app lists its full set of permissions for the latest version, 6.1.0.2.

This includes device and app history, location, phone, photo/media/files, storage, camera, WiFi connection information, and Device ID and call information, along with a long list of ‘other’ permissions.

For Apple users, Meitu can access cellular data and even creates a unique device identifier based on part of its MAC address, according to Apple Insider.

On Twitter, users including security researcher Greg Linares have shared their own findings regarding the app’s questionable activity.

@rekrom12 revealed code for sending a slew of details about the device for analytics, including model, resolution, Android OS version, MAC address, and IMEI. A full list of the collected data is pictured

WHAT MEITU CAN ACCESS ON IOS

Along with obtaining permission to your camera and camera roll, Meitu can access cellular data.

According to Apple Insider, it also creates a unique device identifier based on part of its MAC address.

And Jonathan Zdziarski pointed out that Meitu runs checks to determine if your iPhone is jailbroken.

Another user, @FourOctets, linked Meitu’s network activity to several Chinese IP addresses, though this has not yet been confirmed.

Jonathan Zdziarski pointed out on Twitter that iOS version of Meitu even runs a series of checks to determine if your iPhone is jailbroken.

The privacy warnings come as social media has become flooded with the cutesy, and terrifying, selfie masterpieces of Meitu, seemingly out of nowhere.

The photo-editing app has already enjoyed years of popularity in China, and has now nearly taken over the internet after being discovered in the West as well.

On Twitter , users have shared their own findings regarding the app’s questionable activity, including security researcher Greg Linares

Not only have users tested it out on themselves, but they’ve also used it to create hilarious images of famous figures, from Donald Trump to ‘Salt Bae.'

The free Meitu app is available for both Android and iPhone, and can be used for regular photo editing, like removing blemishes or even giving yourself a ‘virtual facelift.’

But, with the ‘hand-drawn’ feature, you can ‘transform your photos into hand paintings,’ according to the firm.

Scroll the bar side to side to see the effects of Meitu

‹Slide me›

Seemingly out of nowhere, social media has become flooded with the cutesy, and terrifying, selfie masterpieces of Meitu. Donald Trump is pictured before (left) and after (right) being edited with the app